<?php
class PublicAction extends BaseAction{
	function left(){
		$this->display();
	}
	
	
	function top(){
		$this->display();
	}
	
	function main(){
		$this->display();
		
	}
	
	
	function login(){
		if(empty($_SESSION[C('USER_AUTH_KEY')])){
			$this->display();
		}else{
			$this->redirect('Index/index');
		}
	}
	
	function verify(){
		import("ORG.Util.Image");
		Image::buildImageVerify();		
	}
	
	
	function checklogin(){
		if(empty($_POST['username'])) {
			$this->error('帐号错误！');
		}elseif (empty($_POST['password'])){
			$this->error('密码必须！');
		}elseif (empty($_POST['verify'])){
			$this->error('验证码必须！');
		}
		$map=array();
		$map['username']=$_POST['username'];
		$map['active']=array('gt',0);
		if($_SESSION['verify'] != md5($_POST['verify'])) {
			$this->error('验证码错误！');
		}
		
		import('ORG.Util.RBAC');
		$authInfo=RBAC::authenticate($map);
		
		if(empty($authInfo)){
			$this->error('账号不存在或者被禁用!');
		}else{
			if($authInfo['password']!=md5($_POST['password'])){
				$this->error('账号密码错误!');
			}
			$_SESSION[C('USER_AUTH_KEY')]=$authInfo['id'];
			$_SESSION['email']=$authInfo['email'];
			$_SESSION['nickname']=$authInfo['name'];
            $_SESSION['lastLoginDate']=$authInfo['last_login_date'];
			
			if($authInfo['username']=='admin'){
				$_SESSION[C('ADMIN_AUTH_KEY')]=true;
			}
			
			$user=M('User');
			$lastdate=date('Y-m-d H:i:s');
            $data=array();
			$data['id']=$authInfo['id'];
			$data['last_login_date']=$lastdate;
			$user->save($data);
			
			RBAC::saveAccessList();
			$this->assign('jumpUrl',__APP__.'/Index/index');
			$this->success('登录成功!');
		}
	}
	
	function logout(){
		if(!empty($_SESSION[C('USER_AUTH_KEY')])){
			unset($_SESSION[C('USER_AUTH_KEY')]);
			$_SESSION=array();
			session_destroy();
			$this->assign('jumpUrl',__URL__.'/login');
			$this->success('登出成功');
		}else{
			$this->error('已经登出了');
		}
	}
}

?>